From: schwarze@mdocml.bsd.lv
To: source@mdocml.bsd.lv
Subject: mdocml: fix unchecked snprintf(3) in page header printing: the length of
Date: Sun, 20 Apr 2014 16:18:12 -0400 (EDT) [thread overview]
Message-ID: <201404202018.s3KKICIp008088@krisdoz.my.domain> (raw)
Log Message:
-----------
fix unchecked snprintf(3) in page header printing:
the length of the title is unknown, and speed doesn't matter here,
so use asprintf/free rather than a static buffer
Modified Files:
--------------
mdocml:
man_html.c
man_term.c
mdoc_html.c
mdoc_term.c
Revision Data
-------------
Index: man_term.c
===================================================================
RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/man_term.c,v
retrieving revision 1.146
retrieving revision 1.147
diff -Lman_term.c -Lman_term.c -u -p -r1.146 -r1.147
--- man_term.c
+++ man_term.c
@@ -28,6 +28,7 @@
#include <string.h>
#include "mandoc.h"
+#include "mandoc_aux.h"
#include "out.h"
#include "man.h"
#include "term.h"
@@ -1049,9 +1050,9 @@ print_man_nodelist(DECL_ARGS)
static void
print_man_foot(struct termp *p, const void *arg)
{
- char title[BUFSIZ];
- size_t datelen;
- const struct man_meta *meta;
+ const struct man_meta *meta;
+ char *title;
+ size_t datelen;
meta = (const struct man_meta *)arg;
assert(meta->title);
@@ -1071,11 +1072,12 @@ print_man_foot(struct termp *p, const vo
if ( ! p->mdocstyle) {
term_vspace(p);
term_vspace(p);
- snprintf(title, BUFSIZ, "%s(%s)", meta->title, meta->msec);
+ mandoc_asprintf(&title, "%s(%s)",
+ meta->title, meta->msec);
} else if (meta->source) {
- strlcpy(title, meta->source, BUFSIZ);
+ title = mandoc_strdup(meta->source);
} else {
- title[0] = '\0';
+ title = mandoc_strdup("");
}
datelen = term_strlen(p, meta->date);
@@ -1111,14 +1113,16 @@ print_man_foot(struct termp *p, const vo
term_word(p, title);
term_flushln(p);
+ free(title);
}
static void
print_man_head(struct termp *p, const void *arg)
{
- char buf[BUFSIZ], title[BUFSIZ];
- size_t buflen, titlen;
- const struct man_meta *meta;
+ char buf[BUFSIZ];
+ const struct man_meta *meta;
+ char *title;
+ size_t buflen, titlen;
meta = (const struct man_meta *)arg;
assert(meta->title);
@@ -1132,7 +1136,7 @@ print_man_head(struct termp *p, const vo
/* Top left corner: manual title and section. */
- snprintf(title, BUFSIZ, "%s(%s)", meta->title, meta->msec);
+ mandoc_asprintf(&title, "%s(%s)", meta->title, meta->msec);
titlen = term_strlen(p, title);
p->flags |= TERMP_NOBREAK | TERMP_NOSPACE;
@@ -1183,4 +1187,5 @@ print_man_head(struct termp *p, const vo
term_vspace(p);
term_vspace(p);
}
+ free(title);
}
Index: man_html.c
===================================================================
RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/man_html.c,v
retrieving revision 1.93
retrieving revision 1.94
diff -Lman_html.c -Lman_html.c -u -p -r1.93 -r1.94
--- man_html.c
+++ man_html.c
@@ -28,6 +28,7 @@
#include <string.h>
#include "mandoc.h"
+#include "mandoc_aux.h"
#include "out.h"
#include "html.h"
#include "man.h"
@@ -300,9 +301,10 @@ a2width(const struct man_node *n, struct
static void
man_root_pre(MAN_ARGS)
{
+ char b[BUFSIZ];
struct htmlpair tag[3];
struct tag *t, *tt;
- char b[BUFSIZ], title[BUFSIZ];
+ char *title;
b[0] = 0;
if (man->vol)
@@ -310,7 +312,7 @@ man_root_pre(MAN_ARGS)
assert(man->title);
assert(man->msec);
- snprintf(title, BUFSIZ - 1, "%s(%s)", man->title, man->msec);
+ mandoc_asprintf(&title, "%s(%s)", man->title, man->msec);
PAIR_SUMMARY_INIT(&tag[0], "Document Header");
PAIR_CLASS_INIT(&tag[1], "head");
@@ -341,6 +343,7 @@ man_root_pre(MAN_ARGS)
print_otag(h, TAG_TD, 2, tag);
print_text(h, title);
print_tagq(h, t);
+ free(title);
}
static void
Index: mdoc_html.c
===================================================================
RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/mdoc_html.c,v
retrieving revision 1.188
retrieving revision 1.189
diff -Lmdoc_html.c -Lmdoc_html.c -u -p -r1.188 -r1.189
--- mdoc_html.c
+++ mdoc_html.c
@@ -29,6 +29,7 @@
#include <unistd.h>
#include "mandoc.h"
+#include "mandoc_aux.h"
#include "out.h"
#include "html.h"
#include "mdoc.h"
@@ -514,9 +515,10 @@ mdoc_root_post(MDOC_ARGS)
static int
mdoc_root_pre(MDOC_ARGS)
{
+ char b[BUFSIZ];
struct htmlpair tag[3];
struct tag *t, *tt;
- char b[BUFSIZ], title[BUFSIZ];
+ char *title;
strlcpy(b, meta->vol, BUFSIZ);
@@ -526,7 +528,7 @@ mdoc_root_pre(MDOC_ARGS)
strlcat(b, ")", BUFSIZ);
}
- snprintf(title, BUFSIZ - 1, "%s(%s)", meta->title, meta->msec);
+ mandoc_asprintf(&title, "%s(%s)", meta->title, meta->msec);
PAIR_SUMMARY_INIT(&tag[0], "Document Header");
PAIR_CLASS_INIT(&tag[1], "head");
@@ -557,6 +559,8 @@ mdoc_root_pre(MDOC_ARGS)
print_otag(h, TAG_TD, 2, tag);
print_text(h, title);
print_tagq(h, t);
+
+ free(title);
return(1);
}
Index: mdoc_term.c
===================================================================
RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/mdoc_term.c,v
retrieving revision 1.265
retrieving revision 1.266
diff -Lmdoc_term.c -Lmdoc_term.c -u -p -r1.265 -r1.266
--- mdoc_term.c
+++ mdoc_term.c
@@ -30,6 +30,7 @@
#include <string.h>
#include "mandoc.h"
+#include "mandoc_aux.h"
#include "out.h"
#include "term.h"
#include "mdoc.h"
@@ -441,9 +442,10 @@ print_mdoc_foot(struct termp *p, const v
static void
print_mdoc_head(struct termp *p, const void *arg)
{
- char buf[BUFSIZ], title[BUFSIZ];
- size_t buflen, titlen;
- const struct mdoc_meta *meta;
+ char buf[BUFSIZ];
+ const struct mdoc_meta *meta;
+ char *title;
+ size_t buflen, titlen;
meta = (const struct mdoc_meta *)arg;
@@ -473,7 +475,7 @@ print_mdoc_head(struct termp *p, const v
strlcat(buf, ")", BUFSIZ);
}
- snprintf(title, BUFSIZ, "%s(%s)", meta->title, meta->msec);
+ mandoc_asprintf(&title, "%s(%s)", meta->title, meta->msec);
titlen = term_strlen(p, title);
p->flags |= TERMP_NOBREAK | TERMP_NOSPACE;
@@ -508,6 +510,7 @@ print_mdoc_head(struct termp *p, const v
p->flags &= ~TERMP_NOSPACE;
p->offset = 0;
p->rmargin = p->maxrmargin;
+ free(title);
}
static size_t
--
To unsubscribe send an email to source+unsubscribe@mdocml.bsd.lv
reply other threads:[~2014-04-20 20:18 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201404202018.s3KKICIp008088@krisdoz.my.domain \
--to=schwarze@mdocml.bsd.lv \
--cc=source@mdocml.bsd.lv \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).